Denial-of-Sleep Vulnerabilities and Defenses in Wireless Sensor Network MAC Protocols
Raymond, David Richard
MetadataShow full item record
As wireless sensor platforms become less expensive and more powerful, the promise of their wide-spread use for everything from health monitoring to military sensing continues to increase. Like other networks, sensor networks are vulnerable to malicious attack; however, the hardware simplicity of these devices makes defense mechanisms designed for traditional networks infeasible. This work explores the denial-of-sleep attack, in which a sensor nodeâ s power supply is targeted. Attacks of this type can reduce sensor lifetime from years to days and can have a devastating impact on a sensor network. This work identifies vulnerabilities in state-of-the-art sensor network medium access control (MAC) protocols that leave them susceptible to denial-of-sleep attack. It then classifies these attacks in terms of an attackerâ s knowledge of the MAC layer protocol and ability to bypass authentication and encryption protocols. Attacks from each category in the classification are modeled to show the impacts on four current sensor network MAC protocols: S-MAC, T-MAC, B-MAC and G-MAC. To validate the effectiveness and analyze the efficiency of the attacks, implementations of selected attacks on S-MAC and T-MAC are described and analyzed in detail. This research goes on to introduce a suite of mechanisms designed to detect and mitigate the effects of denial-of-sleep attacks on sensor networks. The Clustered Anti Sleep-Deprivation for Sensor Networks, or Caisson, suite includes a lightweight, platform-independent anti-replay mechanism, an adaptive rate-limiter and a jamming detection and mitigation mechanism. These tools are designed to be applied selectively or in concert to defend against denial-of-sleep attacks depending on the specific vulnerabilities in the MAC protocol used in a particular sensor network deployment. This work makes two major contributions to state-of-the-art wireless sensor network research. First, it fully explores the denial-of-sleep attack, to include the implementation of a subset of these attacks on actual sensor devices and an analysis of the efficiency of these attacks. Second, it provides a set of tools by which these attacks are detected and defeated in a lightweight, platform-independent, and protocol-independent way. If sensor networks are to live up to current expectations, they must be robust in the face of newly emerging network attacks, to include denial-of-sleep.
- Doctoral Dissertations